11 matches found

RedhatCVE
added 2025/09/13 7:25 a.m., 13 views

CVE-2025-9627

The Run Log plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.10. This is due to missing or incorrect nonce validation on the oirl_plugin_options function. This makes it possible for unauthenticated attackers to modify plugin settings includi...

CVSS 4.3 | AI score 5.2 | EPSS 0.00151
Exploits: 0 | References: 1

NVD
added 2025/09/11 8:15 a.m., 18 views

CVE-2025-9627

The Run Log plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.10. This is due to missing or incorrect nonce validation on the oirl_plugin_options function. This makes it possible for unauthenticated attackers to modify plugin settings includi...

CVSS 4.3 | EPSS 0.00151
Exploits: 0 | References: 3

Vulnrichment
added 2025/09/11 7:24 a.m., 3 views

CVE-2025-9627 Run Log <= 1.7.10 - Cross-Site Request Forgery to Settings Update

The Run Log plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.10. This is due to missing or incorrect nonce validation on the oirl_plugin_options function. This makes it possible for unauthenticated attackers to modify plugin settings includi...

CVSS 4.3 | AI score 4.9 | EPSS 0.00151
Exploits: 0 | References: 2

Cvelist
added 2025/09/11 7:24 a.m., 9 views

CVE-2025-9627 Run Log <= 1.7.10 - Cross-Site Request Forgery to Settings Update

The Run Log plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.10. This is due to missing or incorrect nonce validation on the oirl_plugin_options function. This makes it possible for unauthenticated attackers to modify plugin settings includi...

CVSS 4.3 | EPSS 0.00151
Exploits: 0 | References: 3

CVE
added 2025/09/11 7:24 a.m., 15 views

CVE-2025-9627

CVE-2025-9627 describes a CSRF vulnerability in the WordPress Run Log plugin (versions up to and including 1.7.10). The issue stems from missing/incorrect nonce validation in the oirl_plugin_options function, allowing unauthenticated attackers to modify plugin settings (e.g., distance units, pace...

CVSS 4.3 | AI score 4.9 | EPSS 0.00151
Exploits: 0 | References: 3

Patchstack
added 2025/09/11 4:19 a.m., 4 views

WordPress Run Log plugin <= 1.7.10 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Claw.k in WordPress Plugin Run Log versions <= 1.7.10...

CVSS 4.3 | AI score 6.7 | EPSS 0.00151
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2025/09/11 12:00 a.m., 2 views

WordPress plugin Run Log cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...

CVSS 4.3 | AI score 6.3 | EPSS 0.00151
Exploits: 0 | References: 3

Kitploit
added 2023/06/25 12:30 p.m., 31 views

Gato - GitHub Self-Hosted Runner Enumeration And Attack Tool

Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization. The tool also allows searching for and thoroughly enumerating publ...

AI score 7.7
Exploits: 0 | References: 6

OpenVAS
added 2020/11/20 12:00 a.m., 9 views

GaussDB Kernel: Configuring the Log Name

The parameter logfilename specifies the server run log file name.

AI score 7.3
Exploits: 0

OpenVAS
added 2020/11/11 12:00 a.m., 4 views

openGauss: Configuring the Log Name

The parameter logfilename specifies the server run log file name.

AI score 7.3
Exploits: 0 | References: 1

OSV
added 2016/04/20 4:59 p.m., 1 views

DEBIAN-CVE-2014-9770

tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files...

CVSS 3.3 | AI score 4.1 | EPSS 0.00351
Exploits: 0 | References: 1